CVE-2025-3642

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-3642

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3642.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-3642

Aliases

Downstream

UBUNTU-CVE-2025-3642

Published

2025-04-25T15:15:38.013Z

Modified

2026-02-15T08:21:18.814701Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

20c70fde231f841ff48c4655914e6391303ccecf

Introduced

4d1cd09d32f553d05ebcb12395c1a67972c315d4

Fixed

8f0c7bb53cd3ead755e941183e6d3bd0ac717a19

Introduced

51f1dea173f3aeafa30e2c341f505c7913c461a8

Fixed

fbb98fb9c7574e145f3384d9d2b2f26b5c3e1041

Introduced

f1c169b32feed42eef9e15de6a9c5ab0aa997d79

Fixed

f22eed6b67af8d0c25732d549680482e1867cd34

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3642.json"